Ask HN: Why is someone scamming people with fake version of our website?

3 points by swisspol ↗ HN
Hi folks,

So we discovered a few weeks back this total ripoff of our product website (https://www.everpix.com/) located at http://www.pixanyday.com/landing.html. As you can see, it's totally non-functional but can be potentially deceptive to average users.

It's all kind of funny except it seems to be used to scam people. We know of least 1 person who got charged on their credit card by this pixanyday pretending to be Everpix and then complained to us.

Of course, we're checking with our legal counsel what options are available, but I'm really interested in discovering what's the masterplan of whoever is behind this?

PS: My best theory so far is that it's used to test stolen credit card numbers. They charge a few bucks to them, and if it works, then know the card is valid. If the user notices the charge soon enough and visits the website, it seems legit (and cheap too) and then possibly thinks the spouse did it and leaves it at that.

2 comments

[ 2.8 ms ] story [ 14.4 ms ] thread
In the source code it looks like some resources are being loaded through Cloudfront? Do you have any way of blocking these resources from being loaded on that domain?

Or better yet, can you change one of the javascript resources to detect if the domain is pixanyday and display a warning?

Yes all our assets are on CloudFront. That's a good idea to block based on domain if CF allows that. It might be a simple way to annoy whoever is doing this!